threat detected

i keep getting this while browsing the web hxxp://107.191.107.164:22223/ping

tough the scams says my system is clean…

please help

Attach your basic logs. (MBAM, FRST and aswMBR…!!)
Instructions: https://forum.avast.com/index.php?topic=53253.0

here…

thanks for the reply btw

i have already tried combo fix… but still got the alerts a couple of times after…

also my notebook started to shutdown on its own as of today…

but i think it is a hardware problem tough…

You’re welcome, now you’ve to wait a bit…

Could you let me know if this stops it

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-636407831-299991661-1308179524-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION 2014-11-07 23:08 - 2014-11-07 23:08 - 00003186 _____ () C:\WINDOWS\System32\Tasks\{4C29A09B-31DA-48D3-9914-BFB4ABC176E7} EmptyTemp: CMD: bitsadmin /reset /allusers

Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that

so far so good… but sometimes it would take a couple of hourse for me to get the alert

but it seems like it is better =)

thanks!

here ar the logs

When you are happy let me know

seems like the alerts are gone for good!

thanks a lot guys!

In that case methinks I will send you on your merry way :slight_smile:

Subject to no further problems :slight_smile:

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so…The following will implement some cleanup procedures as well as reset System Restore points:

Download and run Delfix

https://dl.dropboxusercontent.com/u/73555776/delfix.JPG

: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article

I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent install this programme to lock down and prevent crypto ransome ware

https://dl.dropboxusercontent.com/u/73555776/CryptoPrevent.JPG

Malwarebytes.

Update and run weekly to keep your system clean

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe :wave:

so… the alerts are back!

=\

here are my new logs…

Thanks in advance.

Which browser does this appear in ?

Could you temporarily uninstall DAEMON Tools Lite

this appears in google chrome. wich is theonly browser i use … never use IE

done. daemon removed

Could you set chrome to incognito and see if that stops the alerts https://support.google.com/chrome/answer/95464?hl=en-GB

well… ever since the daemon got out i’ve had no alerts…

the problem is that they are not quite consistent… they would sometimes happen whem i’m on facebook or cheking the lol forums, and them they just disappear… not always specific…

in incognito i had no alerts… but them again, nor in normal navigation

OK run it for a day or so without daemon tools to see if it stays away

so far so good…

so we can assume it was daemon that was causing this? it is very strange… i had it installed for years and never had a problem =\

It has been reported that an update to daemon tools has caused this behaviour, you can try and install a fresh copy and see if the problem returns